msm1267 writes: Attackers are using malicious PDFs posing as an application for an international travel visa to exploit a zero-day vulnerability in Adobe Reader and Acrobat, a researcher at FireEye told Threatpost today. Zheng Bu, senior director of security research at FireEye, said the attack has not yet been added to any of the popular exploit toolkits, but said that once more details are made public, that it would likely be a matter of time. "We haven’t seen this type of attack before; it's quite rare," Bu said. "If you look at the indicators of compromise of these attacks and the selection of the command and control server, it's all a bit new and not from the known hacker groups." Bu said FireEye discovered the exploit yesterday and communicated what it had found to Adobe, which asked the company not to disclose any information about the vulnerability. Bu would not comment on where the exploit was found, whether it was in a targeted attack against particular victims, or whom the victims may be. He also did not confirm whether the attacks are being spread via spear phishing messages.